Basics of z/OS RACF Administration
(ES19G)
Overview
This course begins with an introduction to the z/OS environment, TSO and ISPF/PDF, batch processing, and z/OS data sets. Hands-on labs allow you to gain experience with viewing and allocating data sets, submitting a batch job, and viewing job output. After the introduction to z/OS, you will then learn, through lecture and exercises, how to use basic RACF command parameters and panels to define users and groups, protect general resources, z/OS data sets, and choose a basic set of RACF options.
Audience
This basic course is for those who are new to z/OS and the RACF and responsible for security administration using the RACF element of the z/OS Security Server. Those who need to implement some of the more advanced features of the RACF might want to attend one or more of the following courses:
- Effective RACF Administration (BE87G)
- Implementing RACF Security for CICS (ES84G)
- Exploiting the Advanced Features of RACF (ES88G)
Prerequisites
You should have:
- Some familiarity with z/OS system facilities (beneficial).
Background material needed to proceed is presented the first day.
Objective
- List and describe the basic features and concepts of zSeries architecture and of the z/OS operating system as they relate to security administration
- Describe the allocation process for data sets in the z/OS environment
- Identify the security requirements of a system
- Use the basic facilities and features of RACF
- Define users to RACF
- Set up an RACF group structure
- Use RACF to protect resources
- Select a base set of options to tailor RACF
Course Outline
Day 1
- Welcome
- Unit 1: Review of z/Architecture and z/OS
- Unit 2: An introduction to ISPF and ISPF/PDF
- Exercise 1: Logging on to the lab system
- Unit 3: An introduction to z/OS data sets
- Exercise 2: Working with z/OS data sets
- Unit 4: Batch processing
- Exercise 3: Job submit and SDSF view Exercise review
- Unit 5: Security and RACF overview (part 1)
Day 2
- Unit 5: Security and RACF overview (part 2)
- Unit 6: Administering groups and users (section 6.1)
- Exercise 4 (including review): Defining an RACF group structure
- Unit 6: Administering groups and users (section 6.2)
- Exercise 5: User administration Exercise review
Day 3
- Unit 6: Administering groups and users (section 6.3)
- Exercise 6: Delegating security administration Exercise review
- Unit 7: Protecting z/OS data sets (to section 7.3)
- Exercise 7: Protecting z/OS data sets: Part 1 Exercise review
Day 4
- Unit 7: Protecting z/OS data sets (continued)
- Exercise 8: Protecting z/OS data sets: Part 2 Exercise review
- Unit 8: Introduction to general resources
- Exercise 9: Using RACF for TSO administration
Day 5
- Exercise review
- Unit 9: RACF options
- Unit 10: Other administrative facilities and features